If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Just an update with more specifics...The boss just wants a few wireless notebooks to be able to connect to the existing LAN, and we're looking at well-ranged 802.11 b/g devices. Does that pinpoint things a bit better?

- if you must deploy wireless, here are few tips:
- do NOT put the WAP on your internal network, hang it off of a DMZ on your firewall and require users to VPN into your network once they've connected to the WAP
- DO use WEP, it's weak, but every little bit helps (think defense in depth)
- DO use MAC address filtering (again, defense in depth)
- Once you've got the network set up, take your own laptop and walk around the building to see how far your radio signal reaches. Limiting the signal strength is beyond the scope of a simple forum post, but at least knowing how far you've just extended your network will make you aware of your exposure.
- get your hands on a WAP that supports WPA (basically WEP with TKIP)

- if you must deploy wireless, here are few tips:
- do NOT put the WAP on your internal network, hang it off of a DMZ on your firewall and require users to VPN into your network once they've connected to the WAP
- DO use WEP, it's weak, but every little bit helps (think defense in depth)
- DO use MAC address filtering (again, defense in depth)
- Once you've got the network set up, take your own laptop and walk around the building to see how far your radio signal reaches. Limiting the signal strength is beyond the scope of a simple forum post, but at least knowing how far you've just extended your network will make you aware of your exposure.
- get your hands on a WAP that supports WPA (basically WEP with TKIP)

Very good advice venom600...

I do not work in a large crowded city where security 10 or 20 feet outside of my building would be a concern. I suppose I do sometimes need to figure in the possibilities of industial espionage, Bandwidth hijacking, and possibly Homeland security against Terrorism, and other risks when suggesting a simple fix for a small in-house network.

AngelicKnight... what is the element of security you are trying to achieve, are there people out there who could benifit from cracking your network?